All open roles
DevSecOps / Infrastructure Engineer
San Francisco, CaliforniaFull-time
As we take on more government and defense work, the security and integrity of our infrastructure becomes its own discipline — and we want someone who owns it rather than spreading it thin across the product engineers. The "sec" in this role is the point: you'll be responsible for how sensitive data moves, where it lives, and who can see it, so the rest of the team can focus on building.
What you'll do
- Own our infrastructure and deployment pipeline — including deploying into containerized, customer-provided environments and on Azure.
- Own the security posture for controlled and sensitive data: data transmission, storage, access control, key management, and who can and can't see what.
- Drive our compliance program from identification into implementation — NIST controls (we're already tracking these in ControlMap), CMMC / SPRS, and recurring assessments like SOC 2 Type II.
- Partner with leadership and IT on compliance requirements and timelines, and turn a backlog of controls into an ongoing, sustainable program that doesn't grind product velocity to a halt.
- Take security concerns off the plates of full-stack and ML engineers so they can ship.
What we're looking for
- U.S. citizenship (required). This role works with sensitive government Controlled Unclassified Information (CUI) and is subject to government contract requirements.
- Strong DevOps / infrastructure background — CI/CD, cloud (Azure especially), containerized deployments, and infrastructure-as-code.
- Hands-on security experience: access control, data segregation, secrets/key management, secure environments.
- Experience implementing and maintaining compliance frameworks — NIST 800-171 / CMMC, SOC 2, or similar — not just reading them.
- A pragmatic mindset about doing this well on a small team without over-building.
Nice to have
- Direct defense or government contracting experience and familiarity with CUI handling.
- CISO-adjacent experience defining data-access and data-residency policy.
Interested?
Tell us a bit about yourself and why this role fits. We read every application.
Apply by Email